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AMEPTOMENTS TO THE CLAIMS 

j (Currently amended) In a computer system providing access to at least one secvire 

resource upon authentication of a user where said user authentication is performed by an 
authentication server in remote communication with a client in use by said user, a method 
of saving said user auidientication for use when said authentication server is unavailable, 
the metliod comprisin g the steps of : 

— submitting a user authentication request to said authentication server; 
—in response to a successful user authentication; 

—receiving an authenticated user credential which Is imique to said user; 

-storing said authenticated credential on said client utilizing a security method to 

prevent tampering with the credential; 

—using said authenticated credential to access said at least one secure resource; 
in response to an iitigiicGe.qRfiil user authentication: 

detentniiung whether said authentication server is in operative communication with 
said client; 

in response to a determination that said authentication server is not in operative 
communication with said client: 

searching said client for a stored authenticated credential corresponding to said 

usen 

in response to finding an authenticated credential corresp r^t^HiTifr to said user, 
using said stored authenticated credential to access said at least one secure 
resource while said authentication server is not in operative commiinication with 
said client: and 

in response to not finding an authenticated credential corresponH inp; ta <iflid ii5;er- 
failigg the user autiienrication request. 

{€3j2. (Cuirentiy amended) The method of claim 1 finther compris ing the steps of : 
in raoponoo to on unsucc e sflful uDor auth e ntication: 
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— ^l e tenninmg wh e ther a oi d auth o ntication s&rvor ia in operativ e ooimnimication witti 
floid oliont^ 

— in response to a d e t e nnination that said authentication Dor^^or is not in op e rative 
coinmunication wiA - said oli e nt: 

gearohing Qoid client for a stor e d authentioatod crod e ntial corr e sponding to 

said user -- 

— — in r e spons e to finding on authentioa t od orodontial corr e sponding to said 
uoorv cioing said stor e d auth e nticated cr e d e ntial to ao ee ss said at least on e s e cure 
foaouroo; 

in response to not finding on authent i cated cr e d e ntial corr e sponding to said uaer, 

failing th e user authentication r e quest; - 
—in response to a determination that said authentication serv^ is in operative 
communication wifh said client: 

-erasing £rom said client any stared authenticated credential corresponding to said 
usen and 

-falling said user authentication request 

{^3^ (Currently amended) The method of claim 2 fiirthar comprisi ng the step of: 

implementing a set of security policies limiting the use of authenticated credentials 
stored oa said olient to access said at least one secure resource depending on a defined 
sejQsitivity of said at least one resource. 

fe4j4. (Currently amended) The method of claim 1 wherein said secxirity method is encryption 
of the credential. 

feSJl (Currently amended) The method of claim 1 wherein said security method is Public Key 
Infrastructure. 



j (Currently amended) The method of claim 1 i^rein said security method is hardware 

based Public Key Infrastructure. 
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|{e?}L (Currently amended) Themethodof claim 2 wherein said security methodic 
of the credential. 

|{eS}8, (Currently amended) Themethodof claim 2 wherein said security method is Public Key 
ixifirastructure. 

j {e^L (Cuirently amended) The method of claim 2 wherein said security method is hardware 
based Public Key Inj&astructure. 

I f©W}10^(Cuir«ntly amended) In a computer system providing access to at least one secure 

resource upon authentication of a user where said user authentication is performed by an 
authentication server in remote communication via a secure gateway with a client in use 
by said user, a method of caching said user authentication for use when said 
authentication server is unavailable, the method comprising the steps of: 
—submitting a user authentication request to said authentication server; 
—in response to a successful user authentication; 

-receiving an authenticated user credential which is unique to said user; 

-storing said auflxenticated credential on said client utiliang a security method to 

prevent tampering with the credential; 
j -storing said authenticated credential on said gateway utilizing a security method to 

prevent tampering with the credential; 

-using said authraticated credential to access said at least one secure resourceri 
in response to an unsuccessful user authentication: 

determining whetiier said authentication server is in operative communication with 

client; 

in response to a deteim iVj^tinn tha t said authentication ser ver is not io operative 

communication with said clienr: 
HRtPrmim'np, whether said gateway is in operative communi cation with said 

client: 
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in response to a detennination that said gatew ay is not in operative 

cominunication with said client: 

searching the client for an authenticate d credential corresponding to 

said user; 

in response to finding an authenticated credential corresponding to 

said user, using said authenticated credential to acce ss said at least 
one secure resource while said gateway is not in operative 
f^rtmTnuTii cation with said client; 

in response to not finding an authenticated credential corr estx)ndinfe to 

said user, failing the user authent ication request. 

[clljn, (Currently amended) The method of claim 10 fiirttier comprisinfi the steps of: 
in roDpongc to an unsucc e ssfid uoer authcaitioQtion: 

^otennimne wh e th e r said auth e ntication s e rv^cr io in operative oonamumcation -vfffe 

said olienl; 

- in response to a dgtonnirmtion that said auth e ntication oorv' e r ia not in op e rativ e 

efHBfia unioation with ooid cli e nt; 
dctorni i ning whotfacr paid gat e way io in opcrativ o communicotion with said 

cli e nt; 

in rosponsc to a dotermiaation that said gateway is not in oporativ e 

conununicatioD with ooid client: 

se arching tho client for an authenticat e d crodcntial coirogponding to 

Goid user; 

— — in rcsponso to finding an authenticated crodontiQl corresponding to 

said uaor, uoing said authenticated crodontiol to accoisis said at l e ast 
one secure rosouroe; 

m r e spons e to not finding an authenticat e d crodontiol coirosponding 

to said user, failing th e user authonticotion roquost; 
—in response to a determination that said gateway is in operative 
communication with said client: 
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-searching the gatewajr for an authenticated credential corresponding 
to said usen 

-in response to finding an authenticated credential corresponding to 
said user, using said audiendcated credential to access said at least one 
secure resource; 

—in response to not finding an authenticated credential corresponding 
to said user, failing the user authentication request; 
—in response to a determination that said authentication server is in operative 
communication with said client: 
I -erasing firom the client any authenticated credential corresponding 

to said user; 

-casing from the gateway any authenticated credential 
corresponding to said user: and 
-failing the user authentication request 

{e4^12. (Cuireiidy amended) The method of claim 1 1 further compri sing the step of : 

—implementing a set of security policies limiting tiie use of authenticated credentials 
stored on said client or on said gateway to access said at least one secure resource 
depending on a defined sensitivity of said at least one resource* 

M ^n. (Cuirentiy amended) The method of claim 10 wherein said security method is encryption 
of the credential. 

{ej4}14. (Cuirentiy amended) The method of claim 10 wherein said security method is Public 
Key hrfrastructure. 

fol5 1 15. (Currentiy amended) The method of cl^m 10 wherein said security method is hardware 
based Public Key InJQrastructure. 
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I ^16, (Cmrently amended) The method of claim 1 1 wherein said security method is enciyption 
of the credential. 

I (Currently amended) The method of claim 1 1 wherein said security method is PubUc 

Key Infrastructuie. 

I [c lS llS, (Currently amended) The method of claim 1 1 wherein said secnrity method is hardware 
based PubUc Key Infiastnictm:e, 
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